The CiD popups problem

#0
29.04.2007, 13:30
...new here

Posts: 5
#1 Hello,
normally I keep my PC clean and don't really have any problems etc.
It's just that recently CiD popups keep popping up whenever I'm briefly in IE (otherwise I use FF). Here is my HijackThis log. It would be nice if someone could take a look at it. Thanks ;)





Logfile of HijackThis v1.99.1
Scan saved at 13:29:51, on 29.04.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\WINNT\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINNT\system32\nvsvc32.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Programme\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\Programme\Java\jre1.6.0_01\bin\jusched.exe
C:\WINNT\TBPanel.exe
C:\Programme\ASUS\Probe\AsusProb.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\VisualTooltip\VisualToolTip.exe
C:\Programme\Styler\Styler.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Programme\TuneUp Utilities 2006\MemOptimizer.exe
C:\Programme\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\LClock\lclock.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Winamp\winamp.exe
C:\Programme\TuneUp Utilities 2006\Integrator.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\DOKUME~1\USER\LOKALE~1\Temp\Rar$EX00.031\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=200.75.131.58:80
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E3737432-29DD-433E-A522-A41827269858} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Gainward] C:\WINNT\TBPanel.exe /A
O4 - HKLM\..\Run: [ASUS Probe] C:\Programme\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nTrayFw] C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [LClock] C:\Programme\LClock\LClock.exe
O4 - HKLM\..\Run: [Styler] C:\Programme\Styler\Styler.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VisualTooltip] C:\Programme\VisualTooltip\VisualToolTip.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [LClock] C:\Programme\LClock\lclock.exe
O4 - HKCU\..\Run: [Fraps] C:\PROGRAME\FRAPS 2.7.2\FRAPS.EXE
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ200~1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ200~1\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - G:\Spiele\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - G:\Spiele\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.samsung.com/Products/HardDiskDrive/SpinPointPSeries/ProductPresentation/ViewPoint/hdd/main.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144164130593
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABE17A86-6AF9-4519-A1C6-DC4C012CF150}: NameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4C190F4-E775-4227-AC57-701F02B76724}: NameServer = 192.168.1.254
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
29.04.2007, 13:35
Member

Posts: 3716
#2 Hi, your Windows is not quite up to date; we'll take care of that shortly.
1. Open My Computer, Tools, Folder Options, View.
Hide extensions for known file types: off; hide protected operating system files: off; display the contents of system folders: on; and show all hidden files: on.
Now rename hijackthis.exe, which must run in its own folder, which it does not do on your system!
Before that, please move it to c:\programme\hijackthis; name it hjt.com, scan again, and post the log.
Download ComboFix and post the log:
http://virus-protect.org/artikel/tools/combofix.html
Download filelist.zip, unpack it on the desktop, click filelist.bat, and post the last 30 days from each directory.
http://members.linzag.net/680262/filelist.zip
29.04.2007, 13:51
...new here

Thread starter

Posts: 5
#3 OK, I think I've done everything ;)


Logfile of HijackThis v1.99.1
Scan saved at 13:50:37, on 29.04.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\WINNT\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINNT\system32\nvsvc32.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Programme\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\Programme\Java\jre1.6.0_01\bin\jusched.exe
C:\WINNT\TBPanel.exe
C:\Programme\ASUS\Probe\AsusProb.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\VisualTooltip\VisualToolTip.exe
C:\Programme\Styler\Styler.exe
C:\Programme\TuneUp Utilities 2006\MemOptimizer.exe
C:\Programme\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\LClock\lclock.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Winamp\winamp.exe
C:\Programme\TuneUp Utilities 2006\Integrator.exe
C:\Programme\ICQLite\ICQLite.exe
C:\WINNT\system32\notepad.exe
C:\Programme\hijackthis\hjt.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=200.75.131.58:80
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E3737432-29DD-433E-A522-A41827269858} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Gainward] C:\WINNT\TBPanel.exe /A
O4 - HKLM\..\Run: [ASUS Probe] C:\Programme\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nTrayFw] C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [LClock] C:\Programme\LClock\LClock.exe
O4 - HKLM\..\Run: [Styler] C:\Programme\Styler\Styler.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VisualTooltip] C:\Programme\VisualTooltip\VisualToolTip.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [LClock] C:\Programme\LClock\lclock.exe
O4 - HKCU\..\Run: [Fraps] C:\PROGRAME\FRAPS 2.7.2\FRAPS.EXE
O4 - HKCU\..\Run: [web obj] C:\DOKUME~1\USER\ANWEND~1\RECTTE~1\Owns gram bat.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ200~1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ200~1\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - G:\Spiele\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - G:\Spiele\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nvappfilter.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.samsung.com/Products/HardDiskDrive/SpinPointPSeries/ProductPresentation/ViewPoint/hdd/main.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144164130593
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABE17A86-6AF9-4519-A1C6-DC4C012CF150}: NameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4C190F4-E775-4227-AC57-701F02B76724}: NameServer = 192.168.1.254
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe






"USER" - 07-04-29 13:40:38 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Dokumente und Einstellungen\USER\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Programme\install.log
C:\WINNT\system32\sysdm.exe
C:\WINNT\system32\vbuzip10.dll


((((((((((((((((((((((((((((((( Files Created from 2007-03-28 to 2007-04-29 ))))))))))))))))))))))))))))))))))


2007-04-29 13:26 28,672 --a------ C:\WINNT\system32\drivers\CO_Mon.sys
2007-04-29 13:26 <DIR> d-------- C:\WINNT\LastGood
2007-04-29 13:26 <DIR> d-------- C:\DOKUME~1\USER\ANWEND~1\WholeSecurity
2007-04-27 15:56 <DIR> d-------- C:\Programme\VID_0E8F&PID_0003
2007-04-23 00:52 <DIR> d-------- C:\Programme\Rectteamuser
2007-04-23 00:49 <DIR> d-------- C:\Programme\GetRight
2007-04-23 00:48 <DIR> d-------- C:\DOKUME~1\USER\ANWEND~1\GetRightToGo
2007-04-21 15:04 <DIR> d-------- C:\Programme\LimeWire
2007-04-21 15:04 <DIR> d-------- C:\DOKUME~1\USER\ANWEND~1\LimeWire
2007-04-13 20:56 <DIR> d-------- C:\Programme\LD
2007-04-03 21:06 <DIR> d-------- C:\Programme\SopCast
2007-04-03 21:06 <DIR> d-------- C:\DOKUME~1\USER\ANWEND~1\SopCast


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-28 15:45 744 --ah----- C:\os727163.bin
2007-04-27 15:56 -------- d--h----- C:\Programme\installshield installation information
2007-04-26 20:25 -------- d-------- C:\DOKUME~1\USER\ANWEND~1\teamspeak2
2007-04-26 18:24 -------- d-------- C:\DOKUME~1\USER\ANWEND~1\openoffice.org2
2007-04-23 00:52 -------- d-------- C:\DOKUME~1\USER\ANWEND~1\rectteamuser
2007-04-21 15:03 -------- d-------- C:\Programme\idoser
2007-04-21 15:02 -------- d-------- C:\Programme\diet k
2007-03-28 11:38 -------- d-------- C:\Programme\sidebar
2007-03-28 11:38 -------- d-------- C:\Programme\mirc
2007-03-28 11:38 -------- d-------- C:\Programme\irfanview
2007-03-27 20:17 -------- d-------- C:\DOKUME~1\USER\ANWEND~1\netpumper
2007-03-25 14:41 67310 --a------ C:\WINNT\system32\perfc007.dat
2007-03-25 14:41 387012 --a------ C:\WINNT\system32\perfh007.dat
2007-03-23 21:08 108144 --a------ C:\WINNT\system32\cmdlineext.dll
2007-03-17 15:44 293376 --a------ C:\WINNT\system32\winsrv.dll
2007-03-08 17:36 579072 --a------ C:\WINNT\system32\user32.dll
2007-03-08 17:36 40960 --a------ C:\WINNT\system32\mf3216.dll
2007-03-08 17:36 281600 --a------ C:\WINNT\system32\gdi32.dll
2007-03-08 17:32 1843712 --a------ C:\WINNT\system32\win32k.sys
2007-03-07 23:56 -------- d-------- C:\Programme\icqlite
2007-03-01 22:37 -------- d-------- C:\DOKUME~1\USER\ANWEND~1\real
2007-03-01 22:36 4424 --a------ C:\WINNT\mozver.dat
2007-03-01 22:35 -------- d-------- C:\Programme\real
2007-03-01 22:35 -------- d-------- C:\Programme\Gemeinsame Dateien\xing shared
2007-02-05 22:18 185856 --a------ C:\WINNT\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Programme\Java\jre1.6.0_01\bin\ssv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"CTSysVol"="C:\\Programme\\Creative\\SBAudigy LS\\Surround Mixer\\CTSysVol.exe /r"
"UpdReg"="C:\\WINNT\\UpdReg.EXE"
"CTRegRun"="C:\\WINNT\\CTRegRun.EXE"
"NeroFilterCheck"="C:\\WINNT\\system32\\NeroCheck.exe"
"SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"Gainward"="C:\\WINNT\\TBPanel.exe /A"
"ASUS Probe"="C:\\Programme\\ASUS\\Probe\\AsusProb.exe"
"ISUSScheduler"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\issch.exe\" -start"
"NVMixerTray"="\"C:\\Programme\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"nTrayFw"="C:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\bin\\nTrayFw.exe"
"itype"="\"C:\\Programme\\Microsoft IntelliType Pro\\itype.exe\""
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"ccApp"="\"C:\\Programme\\Gemeinsame Dateien\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Programme\\Norton AntiVirus\\osCheck.exe\""
"LClock"="C:\\Programme\\LClock\\LClock.exe"
"Styler"="C:\\Programme\\Styler\\Styler.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINNT\\system32\\NvMcTray.dll,NvTaskbarInit"
"VisualTooltip"="C:\\Programme\\VisualTooltip\\VisualToolTip.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"TuneUp MemOptimizer"="\"C:\\Programme\\TuneUp Utilities 2006\\MemOptimizer.exe\" autostart"
"LClock"="C:\\Programme\\LClock\\lclock.exe"
"Fraps"="C:\\PROGRAME\\FRAPS 2.7.2\\FRAPS.EXE"
"web obj"="C:\\DOKUME~1\\USER\\ANWEND~1\\RECTTE~1\\Owns gram bat.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Programme\\ICQLite\\ICQLite.exe -trayboot"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"="C:\\Programme\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"="internat.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=dword:00000001
"NoFavoritesMenu"=dword:00000000
"NoSMMyDocs"=dword:00000000
"NoSMMyPictures"=dword:00000000
"NoStartMenuMyMusic"=dword:00000000
"NoRecentDocsHistory"=dword:00000001
"NoRecentDocsNetHood"=dword:00000000
"NoSMHelp"=dword:00000000
"NoRun"=dword:00000000
"NoInstrumentation"=dword:00000000
"NoSimpleStartMenu"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoWindowsUpdate"=dword:00000000
"NoRecentDocsMenu"=dword:00000001
"NoFavoritesMenu"=dword:00000000
"NoSMMyDocs"=dword:00000000
"NoSMMyPictures"=dword:00000000
"NoStartMenuMyMusic"=dword:00000000
"NoRecentDocsHistory"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000001
"NoRecentDocsNetHood"=dword:00000000
"NoSMHelp"=dword:00000000
"NoUserNameInStartMenu"=dword:00000001
"NoInstrumentation"=dword:00000000
"NoStartMenuPinnedList"=dword:00000000
"ForceStartMenuLogoff"=dword:00000000
"NoSharedDocuments"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source REG_SZ http://www.scottwills.co.uk/flash/teamwork/teamwork.html

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"="SOUNDMAN.EXE"
"\\\\Hanne\\EPSON Stylus D68 Series"="C:\\WINNT\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIAAE.EXE /P31 \"\\\\Hanne\\EPSON Stylus D68 Series\" /O6 \"USB002\" /M \"Stylus D68\""
"DAEMON Tools"="\"C:\\Programme\\DAEMON Tools\\daemon.exe\" -lang 1033"
"ICQ Lite"="\"C:\\Programme\\ICQLite\\ICQLite.exe\" -minimize"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"Blaero Start Orb"="C:\\Programme\\Blaero Start Orb\\Blaero Start Orb.exe"
"ISUSPM Startup"="C:\\PROGRA~1\\GEMEIN~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
rpcss REG_MULTI_SZ RpcSs\0\0
BITSgroup REG_MULTI_SZ BITS\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D]
Shell\AutoRun\command D:\autorun6e.exe
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_CO_MON


Contents of the 'Scheduled Tasks' folder
C:\WINNT\tasks\AA589933919F0DDB.job
C:\WINNT\tasks\Norton AntiVirus - Vollständige Systemprüfung ausführen - USER.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-29 13:45:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 07-04-29 13:45:54
C:\ComboFix-quarantined-files.txt ... 07-04-29 13:45









----- Root -----------------------------
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\

29.04.2007 13:46 43 filelist.txt
29.04.2007 13:45 9.347 ComboFix.txt
29.04.2007 13:45 654 ComboFix-quarantined-files.txt
29.04.2007 13:15 2.147.012.608 hiberfil.sys
28.04.2007 15:45 744 os727163.bin

----- Windows --------------------------
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\WINNT

29.04.2007 13:46 513 DFC.INI
29.04.2007 13:26 656.280 setupapi.log
29.04.2007 13:16 0 0.log
29.04.2007 13:16 1.613.093 WindowsUpdate.log
29.04.2007 13:15 2.048 bootstat.dat
29.04.2007 00:04 32.504 SchedLgU.Txt
28.04.2007 21:16 116.012 ntbtlog.txt
26.04.2007 19:23 49 NeroDigital.ini
21.04.2007 21:31 214 wiadebug.log
21.04.2007 21:15 50 wiaservc.log
21.04.2007 03:52 86.528 catchme.exe
11.04.2007 14:50 1.119.942 iis6.log
11.04.2007 14:50 169.485 ntdtcsetup.log
11.04.2007 14:50 423.841 comsetup.log
11.04.2007 14:50 1.374 imsins.log
11.04.2007 14:50 36.445 tabletoc.log
11.04.2007 14:50 365.947 tsoc.log
11.04.2007 14:50 43.143 ocmsn.log
11.04.2007 14:50 13.965 KB931784.log
11.04.2007 14:50 511.058 ocgen.log
11.04.2007 14:50 129.106 netfxocm.log
11.04.2007 14:50 56.530 MedCtrOC.log
11.04.2007 14:50 39.290 msgsocm.log
11.04.2007 14:50 788.561 FaxSetup.log
11.04.2007 14:50 269.272 msmqinst.log
11.04.2007 14:50 1.374 imsins.BAK
11.04.2007 14:50 12.293 KB931261.log
11.04.2007 14:50 98.864 updspapi.log
11.04.2007 14:50 11.789 KB930178.log
11.04.2007 14:50 11.715 KB932168.log
04.04.2007 10:48 12.143 KB925902.log
24.03.2007 12:02 1.622 setupact.log


----- System 32 (Achtung: Zeitfenster beachten!) ---
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\WINNT\system32

29.04.2007 13:43 50.350 nmp.log
29.04.2007 13:16 87.735 nvapps.xml
29.04.2007 13:15 0 _nvidia_xxx_.log
29.04.2007 00:04 16 coh.cache
22.04.2007 16:09 2.206 wpa.dbl
14.04.2007 18:16 4.254 jupdate-1.6.0_01-b06.log
06.04.2007 13:21 9.857 jupdate-1.5.0_11-b03.log
04.04.2007 10:49 142.832 FNTCACHE.DAT
03.04.2007 22:48 13.511.640 MRT.exe
02.04.2007 14:21 428.032 swreg.exe
25.03.2007 14:41 388.650 perfh009.dat


---- Prefetch -------------------------
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\WINNT\Prefetch

29.04.2007 13:46 15.282 VERCLSID.EXE-02E67750.pf
29.04.2007 13:46 17.008 NOTEPAD.EXE-23994F63.pf
29.04.2007 13:45 74.376 VFIND.CFEXE-1D45A2DD.pf
29.04.2007 13:45 5.370 TREE.COM-2AA90E08.pf
29.04.2007 13:45 11.500 SORT.EXE-02417AFD.pf
29.04.2007 13:45 38.356 11557.CFEXE-1B841C68.pf
29.04.2007 13:45 12.322 CMD.EXE-06F53AE9.pf
29.04.2007 13:45 11.564 FIND.EXE-2ED195EC.pf
29.04.2007 13:45 9.030 SWREG.CFEXE-2907302B.pf
29.04.2007 13:45 11.642 FINDSTR.EXE-3876EF0C.pf
29.04.2007 13:44 5.334 CHCP.COM-33A1C38B.pf
29.04.2007 13:44 10.838 REGT.CFEXE-121E7C20.pf
29.04.2007 13:44 3.454 REGBINDUMP.CFEXE-28555F26.pf
29.04.2007 13:44 11.694 ATTRIB.EXE-159BBA59.pf
29.04.2007 13:44 8.534 NIRCMD.CFEXE-18867DC3.pf
29.04.2007 13:44 7.292 SWSC.CFEXE-0371FC85.pf
29.04.2007 13:44 5.734 DUMPHIVE.CFEXE-255680F0.pf
29.04.2007 13:43 100.452 IEXPLORE.EXE-03D33524.pf
29.04.2007 13:43 6.760 SWXCACLS.CFEXE-01BF3FA5.pf
29.04.2007 13:42 76.336 WINRAR.EXE-1F2395DA.pf
29.04.2007 13:41 68.128 WEBCOLCT.EXE-053C4BF7.pf
29.04.2007 13:40 4.488 HANDLE.CFEXE-1F434672.pf
29.04.2007 13:40 22.354 SETPATH.CFEXE-256478B6.pf
29.04.2007 13:40 8.874 SWREG.EXE-323E6DFD.pf
29.04.2007 13:40 47.048 COMBOFIX.EXE-30215D74.pf
29.04.2007 13:40 24.148 WMIPRVSE.EXE-199BFD41.pf
29.04.2007 13:39 18.798 HJT.COM-23B52290.pf
29.04.2007 13:33 72.194 ICQLITE.EXE-27EB5A87.pf
29.04.2007 13:29 19.472 HIJACKTHIS.EXE-1A108C69.pf
29.04.2007 13:26 36.376 WSOOPSCAN.EXE-1FF0A8CA.pf
29.04.2007 13:26 31.436 AUPDATE.EXE-233AFF23.pf
29.04.2007 13:26 58.516 LUCOMS~1.EXE-39128E82.pf
29.04.2007 13:26 67.478 LUCALLBACKPROXY.EXE-2C162F9B.pf
29.04.2007 13:26 62.902 NAVW32.EXE-37945B37.pf
29.04.2007 13:21 18.662 HIJACKTHIS.EXE-33F4A496.pf
29.04.2007 13:19 67.524 STARTUPMANAGER.EXE-096730DE.pf
29.04.2007 13:19 52.962 INTEGRATOR.EXE-374B149F.pf
29.04.2007 13:18 79.550 WINAMP.EXE-0DA1BB35.pf
29.04.2007 13:18 95.032 FIREFOX.EXE-3425AEB8.pf
29.04.2007 13:18 18.610 RUNDLL32.EXE-49E2EFCE.pf
29.04.2007 13:18 13.208 LCLOCK.EXE-1BACB606.pf
29.04.2007 13:17 17.672 KHALMNPR.EXE-13375DED.pf
29.04.2007 13:17 56.128 SETPOINT.EXE-19AC35EF.pf
29.04.2007 13:17 17.114 REGSVR32.EXE-135F36AA.pf
29.04.2007 13:17 20.332 SETPOINTUPDATE.EXE-1D11EFA3.pf
29.04.2007 13:17 85.684 IMAPI.EXE-0A2C9126.pf
29.04.2007 13:17 22.722 WUAUCLT.EXE-0DC9C6B1.pf
29.04.2007 13:17 30.358 OWNS GRAM BAT.EXE-15446403.pf
29.04.2007 13:12 21.274 RUNDLL32.EXE-423C5EE9.pf
29.04.2007 13:05 22.144 RUNDLL32.EXE-5EAABA15.pf
29.04.2007 13:00 33.574 PES6.EXE-116207FF.pf
29.04.2007 13:00 73.746 IEXPLORE.EXE-074BE63E.pf
29.04.2007 13:00 23.766 MATH AXIS.EXE-00A49BED.pf
29.04.2007 13:00 21.178 WINDEFYARMY.EXE-32F328FC.pf
29.04.2007 12:59 22.946 SETTINGS.EXE-1F2BF1B8.pf
29.04.2007 12:28 24.236 SSAUTORN.EXE-237A60BF.pf
29.04.2007 12:10 10.430 SYMLCSVC.EXE-316A6A5E.pf
29.04.2007 12:10 99.198 SYMLCSV1.EXE-0F7D1573.pf
29.04.2007 12:09 33.940 READER_SL.EXE-1EAD454B.pf
29.04.2007 12:09 17.460 FRAPS.EXE-13814EF4.pf
29.04.2007 12:09 17.712 MEMOPTIMIZER.EXE-2DF48C2B.pf
29.04.2007 12:09 27.500 RUNDLL32.EXE-55BC192E.pf
29.04.2007 12:09 23.052 STYLER.EXE-3547600F.pf
29.04.2007 12:09 10.856 VISUALTOOLTIP.EXE-11AB8881.pf
29.04.2007 12:09 27.966 CCAPP.EXE-12DF021E.pf
29.04.2007 12:09 26.420 NTRAYFW.EXE-0B968EA2.pf
29.04.2007 12:09 15.852 NVMIXERTRAY.EXE-1969521C.pf
29.04.2007 12:09 6.202 NTVDM.EXE-303475ED.pf
29.04.2007 12:09 10.936 OSCHECK.EXE-065A29CA.pf
29.04.2007 12:09 20.328 ISUSPM.EXE-036B5A6C.pf
29.04.2007 12:09 4.708 ISSCH.EXE-3647AD8E.pf
29.04.2007 12:09 14.292 ASUSPROB.EXE-2594FC5B.pf
29.04.2007 12:09 9.620 TBPANEL.EXE-0EAA89FD.pf
29.04.2007 12:09 10.378 JUSCHED.EXE-0B1FB391.pf
29.04.2007 12:09 32.274 CTSYSVOL.EXE-0624DCAE.pf
29.04.2007 12:09 19.750 RUNDLL32.EXE-39AFA382.pf
29.04.2007 12:09 12.706 DUMPREP.EXE-1089CEC0.pf
29.04.2007 12:09 20.558 MOBSYNC.EXE-1491EAD2.pf
29.04.2007 12:09 6.172 NEROCHECK.EXE-186F12AB.pf
29.04.2007 12:09 3.690 CTREGRUN.EXE-13FD2447.pf
29.04.2007 12:09 5.992 UPDREG.EXE-0D418B3D.pf
29.04.2007 00:03 14.006 UPDAT32.EXE-36A81F62.pf
29.04.2007 00:03 55.274 20070428-017-I32.EXE-06B89BCE.pf
29.04.2007 00:01 61.670 RUNDLL32.EXE-2612D136.pf
28.04.2007 23:49 31.058 MPLAYERC.EXE-26906AA6.pf
28.04.2007 23:42 5.416 ITYPE.EXE-072B6B38.pf
28.04.2007 23:42 3.784 KHALMNPR.EXE-15C635F7.pf
28.04.2007 21:23 18.302 RUNDLL32.EXE-55EAE890.pf
28.04.2007 21:22 29.182 RUNDLL32.EXE-28ADC377.pf
28.04.2007 21:22 29.258 APACHE.EXE-0C03989E.pf
28.04.2007 21:22 17.048 FXSSVC.EXE-17403770.pf
28.04.2007 21:22 15.682 NSVCAPPFLT.EXE-2CADFC21.pf
28.04.2007 21:22 20.924 NVSVC32.EXE-01BFED12.pf
28.04.2007 21:22 23.386 NSVCLOG.EXE-215E056E.pf
28.04.2007 21:22 18.686 RUNDLL32.EXE-49EB903F.pf
28.04.2007 21:22 22.452 NSVCIP.EXE-312ADC3A.pf
28.04.2007 21:22 30.316 MDM.EXE-2FBFEF2F.pf
28.04.2007 15:45 21.306 TASKMGR.EXE-0BAB5B6C.pf
28.04.2007 13:57 53.004 HELPSVC.EXE-0AC39FB7.pf
28.04.2007 13:56 42.852 DFRGNTFS.EXE-12B4CCFA.pf
28.04.2007 13:56 16.754 DEFRAG.EXE-02EFD275.pf
28.04.2007 13:55 324.056 Layout.ini
28.04.2007 13:38 17.840 RUNDLL32.EXE-292D087A.pf
28.04.2007 13:38 18.542 RUNDLL32.EXE-57ECACF0.pf
28.04.2007 13:38 23.118 VBOXM.DLL-0E1828E6.pf
28.04.2007 13:38 38.594 AUDITION.EXE-1034BF28.pf
28.04.2007 13:38 62.050 AUDIOSTUDIO80.EXE-3601AAAA.pf
27.04.2007 17:48 58.130 TEAMSPEAK.EXE-113CF72F.pf
27.04.2007 17:35 23.978 AGENT.EXE-23C61307.pf



----- Tasks ----------------------------
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\WINNT\tasks

29.04.2007 13:15 6 SA.DAT
29.04.2007 13:00 254 AA589933919F0DDB.job
20.04.2007 20:00 572 Norton AntiVirus - Vollständige Systemprüfung ausführen - USER.job
24.07.2002 14:00 65 desktop.ini
4 Datei(en) 897 Bytes
0 Verzeichnis(se), 3.322.843.136 Bytes frei

----- Windows/Temp -----------------------
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\WINNT\Temp


----- Temp -----------------------------
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\DOKUME~1\USER\LOKALE~1\Temp

29.04.2007 13:33 16.384 ~DFC92D.tmp
29.04.2007 13:33 512 ~DFB472.tmp
29.04.2007 13:33 16.384 ~DFB458.tmp
29.04.2007 13:18 1.020 ~ROMFN_000006AC
29.04.2007 13:17 16.384 Perflib_Perfdata_d2c.dat
5 Datei(en) 50.684 Bytes
0 Verzeichnis(se), 3.322.839.040 Bytes frei
29.04.2007, 14:05
Member

Posts: 3716
#4 Use CounterSpy following this guide:
www.hijackthis-forum.de/showthread.php?t=14738 - 37k -
Run the updates in normal mode and the scans in safe mode, as often as it takes until really nothing more is found! Post all logs!
29.04.2007, 18:33
...new here

Thread starter

Posts: 5
#5 OK
I have carried it out
here are the logs:

Scan History Details
Start Date: 29.04.2007 14:39:53
End Date: 29.04.2007 17:07:13
Total Time: 147 Min 20 Sec
Detected security risks

Cookie: Adserver Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@adserver[1].txt


Cookie: Adviva Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@adviva[2].txt


Cookie: Trafficmp.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@trafficmp[2].txt


Cookie: Anti-Leech.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@anti-leech[2].txt


Cookie: ATDMT.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@atdmt[2].txt


Cookie: Bravenet.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@bravenet[1].txt


Cookie: BS.Serving-Sys Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@bs.serving-sys[2].txt
c:\dokumente und einstellungen\user\cookies\user@serving-sys[1].txt


Cookie: BurstNet.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@burstnet[1].txt


Cookie: Cdfreaks Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@cdfreaks[2].txt


Cookie: CGI-Bin Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[1].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[2].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[3].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[4].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[5].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[6].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[7].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[8].txt
c:\dokumente und einstellungen\user\cookies\user@cgi-bin[9].txt


Cookie: Com.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@com[2].txt


Cookie: CoreMetrics.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@data.coremetrics[1].txt


Cookie: DoubleClick Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@doubleclick[2].txt


Cookie: Hitbox.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@hitbox[2].txt


Cookie: FastClick.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@fastclick[2].txt
c:\dokumente und einstellungen\user\cookies\user@media.fastclick[2].txt


Cookie: FortuneCity.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@fortunecity[2].txt


Cookie: GeoCities Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@geocities[1].txt


Cookie: HotLog.ru Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@hotlog[1].txt


Cookie: Mediaplex.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@mediaplex[2].txt


NewDotNet Browser Plug-in more information...
Details: New.Net is an Internet Explorer spyware/hijacker plug-in that adds subdomains of 'new.net' to your name resolution system (Windows Host file), resulting in what appear to be extra top-level domains (.shop, and so on) being resolvable.
Status: Quarantined

Registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\NEW.NET
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\NEW.NET
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\NEW.NET


Cookie: Overture.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@overture[2].txt


Cookie: PacificPoker Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@pacificpoker[1].txt


Cookie: PointRoll.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@ads.pointroll[2].txt


Cookie: PriceGrabber Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@pricegrabber[2].txt


Cookie: QuestionMarket.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@questionmarket[1].txt


Cookie: RealMedia.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@realmedia[1].txt


Cookie: Revenue.net Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@revenue[1].txt


Cookie: SageAnalyst Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@sageanalyst[1].txt


Cookie: Advertising.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@advertising[1].txt


Cookie: SexList.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@sexlist[1].txt


Cookie: SpyLog.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@spylog[1].txt


Cookie: Stat.Onestat Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@stat.onestat[2].txt


Cookie: Adserver.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@z1.adserver[1].txt


Cookie: Zedo Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@zedo[1].txt


Cookie: XXXCounter.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@xxxcounter[2].txt


Cookie: ValueClick.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@valueclick[1].txt
c:\dokumente und einstellungen\user\cookies\user@valueclick[2].txt


Cookie: Targetnet.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@targetnet[2].txt


Cookie: TribalFusion.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@tribalfusion[2].txt


Cookie: Tripod Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@tripod[1].txt


Cookie: Weborama Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@weborama[2].txt


Cookie: WindowsMedia Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@windowsmedia[1].txt


Cookie: adrevolver Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@adrevolver[1].txt
c:\dokumente und einstellungen\user\cookies\user@adrevolver[2].txt
c:\dokumente und einstellungen\user\cookies\user@adrevolver[4].txt
c:\dokumente und einstellungen\user\cookies\user@adrevolver[5].txt


Cookie: as-us.falkag Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@falkag[2].txt


Cookie: cookie.monster Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@cookie.monster[1].txt


Cookie: maxserving Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@maxserving[2].txt


Cookie: tickle Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@tickle[2].txt


Cookie: SexTracker.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@sextracker[1].txt


Cookie: casalemedia.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@casalemedia[2].txt


Cookie: statcounter.com Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@statcounter[2].txt


Cookie: adriver Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@adriver[1].txt


AntiLeech Plugin Adware (General) more information...
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Quarantined

Files detected
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.2\al2np.dll
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.2\alhlp.exe
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.2\alie.dll
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.2\alie.inf
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.2\iesetup2.exe
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.3\alhlp.exe
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.3\alie.dll
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.3\alie.inf
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.3\iesetup2.exe
C:\PROGRAMME\ANTI-LEECH
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.2
C:\PROGRAMME\ANTI-LEECH\ALIE_1.0.2.3

Registry entries detected
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE.1
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE.1
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE.1\CLSID
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE.1\CLSID
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE\CLSID
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE\CLSID
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE\CurVer
HKEY_LOCAL_MACHINE\Software\Classes\ANTILEECH.ALIE\CurVer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\ProgID
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\ProgID
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\Programmable
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\TypeLib
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\TypeLib
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ANTI-LEECH ALIE
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ANTI-LEECH ALIE
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ANTI-LEECH ALIE


Cookie: PriceBandit Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@apmebf[2].txt


Cookie: RegNow Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@www.regnow[2].txt


Cookie: Claria.DashBar Cookie Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@belnk[1].txt


Cookie: Radar Spy Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@landing.domainsponsor[1].txt
c:\dokumente und einstellungen\user\cookies\user@tradedoubler[2].txt
c:\dokumente und einstellungen\user\cookies\user@yourmedia[1].txt


Cookie: KeyCaptor Keylogger 1.0 Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@versiontracker[1].txt


Cookie: Desktop Spy Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@list[2].txt


Cookie: ABetterInternet.Aurora Cookie Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@a[2].txt


Cookie: ad.yieldmanager Cookie (General) more information...
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\user\cookies\user@ad.yieldmanager[1].txt


Backdoor.IRC.Small.g Backdoor more information...
Status: Quarantined

Files detected
C:\Programme\mIRC\script\dlls\nHTMLn.dll
C:\Programme\NoNameScript\script\dlls\nHTMLn.dll


Trojan-Flood.I Trojan more information...
Status: Quarantined

Files detected
C:\Programme\mIRC\script\dlls\stdio.dll
C:\Programme\NoNameScript\script\dlls\stdio.dll


Trojan.FatObfus.Gen Trojan more information...
Status: Quarantined

Files detected
C:\Dokumente und Einstellungen\USER\Anwendungsdaten\Rectteamuser\qjzmkvkr.exe
29.04.2007, 20:46
Honorary member
Argus

Posts: 6028
#6 In CounterSpy, always choose

Under Software, remove CID help
Download Deljob.zip to your desktop and unpack it
Double-click Deljob.exe
A log file will open (logit.txt)
Copy the contents of the report "logit.txt" into this thread

Attachment: deljob.zip

__________
Best regards, Argus
29.04.2007, 21:19
...new here

Thread starter

Posts: 5
#7 --------------------------------------------------------
No LOP job-files found
--------------------------------------------------------
Files in Windows Tasks folder

Norton AntiVirus - Vollständige Systemprüfung ausführen - USER.job
--------------------------------------------------------
Export App Data folders

Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\Dokumente und Einstellungen\USER\Anwendungsdaten

29.04.2007 21:18 <DIR> .
29.04.2007 21:18 <DIR> ..
05.02.2006 03:23 <DIR> ZMATRI~1 .ZMatrix
11.11.2006 13:32 <DIR> Adobe
18.03.2007 19:47 <DIR> AdobeUM
07.06.2006 22:09 <DIR> APPLEC~1 Apple Computer
23.04.2007 00:50 <DIR> GETRIG~1 GetRightToGo
16.01.2006 20:39 <DIR> Google
08.09.2006 16:01 <DIR> Hamachi
28.01.2006 17:44 <DIR> Help
04.11.2006 14:21 <DIR> ICQ
31.12.2005 13:39 <DIR> ICQLite
31.12.2005 18:09 <DIR> IDENTI~1 Identities
08.01.2007 23:02 <DIR> IDS_CO~1 IDS_COMPANY
07.03.2006 18:57 <DIR> KAZAAL~1 Kazaa Lite
21.04.2007 15:04 <DIR> LimeWire
31.12.2005 13:01 <DIR> Logitech
31.12.2005 19:03 <DIR> MACROM~1 Macromedia
01.01.2006 15:24 <DIR> MEDIAP~1 Media Player Classic
25.06.2006 15:32 <DIR> MICROS~1 Microsoft
01.05.2006 20:06 <DIR> MOBILE~1 Mobile Master
11.10.2006 14:40 <DIR> Mozilla
27.03.2007 20:17 <DIR> NETPUM~1 NetPumper
26.04.2007 18:24 <DIR> OPENOF~1.ORG OpenOffice.org2
03.04.2006 18:39 <DIR> Opera
09.10.2006 22:27 <DIR> PHONOS~1 phonostar-Player
21.02.2007 19:04 <DIR> PUBLIS~1 Publish Providers
01.03.2007 22:37 <DIR> Real
17.12.2006 01:34 <DIR> Skype
21.02.2007 19:03 <DIR> Sony
03.04.2007 21:08 <DIR> SopCast
18.01.2007 21:00 <DIR> Stardock
18.01.2007 21:05 <DIR> Styler
17.03.2006 19:12 <DIR> Sun
27.10.2006 20:11 <DIR> Symantec
25.02.2007 15:12 <DIR> Talkback
26.04.2007 20:25 <DIR> TEAMSP~1 teamspeak2
03.04.2006 13:20 <DIR> TUNEUP~1 TuneUp Software
14.11.2006 08:44 <DIR> vlc
29.04.2007 13:26 <DIR> WHOLES~1 WholeSecurity
0 Datei(en) 0 Bytes
40 Verzeichnis(se), 3.067.236.352 Bytes frei
Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\Dokumente und Einstellungen\All Users

Datenträger in Laufwerk C: ist HDD 1
Volumeseriennummer: 70AB-2EC9

Verzeichnis von C:\WINNT

--------------------------------------------------------
29.04.2007, 21:44
Honorary member
Argus

Posts: 6028
#8 Are there still any problems?
__________
Best regards, Argus
29.04.2007, 23:50
...new here

Thread starter

Posts: 5
#9 No, it doesn't look like it.
Thanks a lot for the good advice ;)